NTFS sets a flag for the file once you encrypt it and creates an EFS attribute where it stores Data Decryption Field (DDF) and Data Recovery Field (DDR). Which of the following is not a part of DDF?
NTFS sets a flag for the file once you encrypt it and creates an EFS attribute where it stores Data Decryption Field (DDF) and Data Recovery Field (DDR). Which of the following is not a part of DDF?
The Data Decryption Field (DDF) in the context of NTFS and EFS includes the Encrypted File Encryption Key (FEK), EFS Certificate Hash, and Checksum. The Container Name is not part of the DDF; it is not included in the EFS attributes related to encryption and decryption directly. Therefore, Container Name is not a part of the DDF.
In the context of NTFS and EFS (Encrypting File System), the Data Decryption Field (DDF) includes: Encrypted FEK: The File Encryption Key used to encrypt the file data. Checksum: Used for verifying the integrity of the encrypted data. EFS Certificate Hash: Part of the cryptographic information used to decrypt the file. Container Name is not part of the Data Decryption Field (DDF). It is not included in the EFS attributes related to encryption and decryption directly. so the answer is D container name
CHFIv11 page 245. checksum is included in the Header, NOT the DDF.
B > The DDF contains: User SID Container Name Provider Name EFS Certificate Hash Encrypted FEK